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DETAILED ACTION 
EXAMINER'S AMENDMENT 

1 . The following is an Examiner's statement of reasons for the indication of allowable 
subject matter; The prior art of record does not disclose, make obvious, or otherwise 
suggest the structure of the applicant's prediction program, prediction apparatus, and 
prediction method together with the other Hmitations of the independent claims. 

The dependent claims being further limiting and definite are also allowable. Any comments 
considered necessar>' by applicant must be submitted no later Uian tlie payment of the Issue Fee and, to 
avoid processing delays, should preferably accompany the Issue Fee. Such submissions should be clearly 
labeled "Comments on StiUement of Reasons for Allowance. 

Authorization for this examiner's amendment was given in an interview with Eric 

Gash on January 27, 2006. 

AMENDMENT TO THE CLAIMS: 

Claims 18 and 20-24 have been amended. Claims 1-10 and 18-27 remain pending 
in the application. 

WHAT IS CLAIMED IS: 

1 8. (Currently Amended) A method as in claim 1, wherein the extent of proxy authorization 
comprises as restriction on a range of target services that the proxy cHent may is 
authorized to access on behalf of the user. 

20. (Currently Amended) A computer-readable medium having computer-executable 
instructions for performing steps: 

receiving a proxy request from a first user to access a target service, wherein 
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access to the target service is restricted to a set of one or more users that excludes 
the first user and includes a second user; 

comparing the proxy request with a plurality of proxy authorizations maintained 
in the a first data structure to determine whether to grant the proxy request, wherein each 
proxy authorization identifies a user granting proxy authorization, a user receiving proxy 
authorization and an extent of proxy authorization; and 

issuing a second data structure containing data recognizable by the target service 
for authenticating the first user to access the target service as a proxy of the second user, 
if the proxy request is granted. 

21. (Currently Amended) A computer-readable medium as in claim 20, wherein the 
e xtent of each proxy authorization comprises a restriction on a range of target services 
that the proxy client user receiving proxy authorization may is authorized to access on 
behalf of the user granting proxy authorization . 

22. (Ciirrendy Amended) A computer-readable medium as in claim 20, wherein the 
ext e nt of each proxy authorization comprises a restriction on a duration that the first 
cU e nt user receiving proxy authorization ean is authorized to act as a proxy of the s e cond 
user granting proxy authorization . 
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23. (Currently Amended) A computer-readable medium as in claim 20, wherein the 
second data structure is a ticket containing a key for use in a session formed between the 
first cli e nt user and the target service. 

24. (CurrenUy Amended) A computer-readable medium as in claim 20, farther 
comprising authenticating the first cli e nt user based on a ticket issued to the first cli e nt 
user for communicating the proxy request. 

Reasons for Allowance 

2. Claims 1-10 and 18-27 are allowed. 

3. The following is a statement of reasons for the indication of allowable subject matter: 
the prior arts of records, neither anticipates nor renders obvious the following 
limitations as claimed: 

As to claim 1, the prior art of records fail to anticipate or suggest a method of 
enabling a proxy client in a secured network to access a target service on behalf of a user, 
comprising the steps of: 

registering proxy authorization information regarding the user with a trusted 
security server, the proxy authorization information identifying the proxy client and an 
extent of proxy authorization granted the proxy cUent by the user; 
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submitting, by the proxy client, a proxy request to the trusted security server 
requesting access to the target service on behalf of the user; 

comparing, by the trusted security server, the proxy request with the registered 
proxy authorization information of the user to determine whether to grant the proxy 
request; and 

issuing, by the trusted security server, a data structure containing authentication 
data recognizable by the target service for authenticating the proxy client for accessing 
the target service on behalf of the user, if it is determined to grant the proxy request, 
together with the other limitations of the independent claims. 

As to claim 6, the prior art of records fail to anticipate or suggest a computer- 
readable medium having computer-executable instructions for performing steps: 

storing proxy authorization information from a user for authorizing a proxy client 
to act as a proxy of the user, the proxy authorization information identifying an extent of 
proxy authorization granted the proxy client by the user; and 

receiving a proxy request from the proxy client to access a target service on behalf 
of the user; 

determining, based on the stored proxy authorization information of the user, 
whether to grant the proxy request; 

constructing a data structure containing authentication data recognizable by the 
target service for authenticating the proxy client for accessing the target service on behalf 
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of the user, if it is determined to grant the proxy request, together with the other 
limitations of the independent claims. 

As to claim 20, the prior art of records fail to anticipate or suggest a computer- 
readable medium having computer-executable instructions for performing steps: 

receiving a proxy request from a first user to access a target service, wherein 
access to the target service is restricted to a set of one or more users that excludes the 
first user and includes a second user; 

comparing the proxy request with a plurality of proxy authorizations 
maintained in the first data structure to determine whether to grant the proxy request, 
wherein each proxy authorization identifies a user granting proxy authorization, a user 
receiving proxy authorization and an extent of proxy authorization; and 

issuing a second data structure containing data recognizable by the target service 
for authenticating the first user to access the target service as a proxy of the 
second user, if the proxy request is granted, together with the other limitations of the 
independent claims. 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Belix M. Ortiz whose telephone number is 571-272-4081. 
The examiner can normally be reached on moday-friday 9am-5pm. 
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The fax phone number for the organization where this application or proceeding is 
assigned is 571-273-8300. 

Information regarding the status of an appHcation may be obtained from the 
Patent AppUcation Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free). 
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